Confirmed users
2,615
edits
User:Dmose:Protocol Handler Security Review: Difference between revisions
User:Dmose:Protocol Handler Security Review (view source)
Revision as of 18:52, 6 November 2007
, 6 November 2007→Security and Privacy
| Line 76: | Line 76: | ||
*** a rogue site could trick a user into registering a handler that would go to a large mail site (e.g. Yahoo mail) but via a redirector that could then sniff all requests; filed {{bug|402287}} | *** a rogue site could trick a user into registering a handler that would go to a large mail site (e.g. Yahoo mail) but via a redirector that could then sniff all requests; filed {{bug|402287}} | ||
*** verify that we don't leak various information; filed {{bug|402641}} | *** verify that we don't leak various information; filed {{bug|402641}} | ||
*** need to decide on best behavior re opening in new tab/window; filed {{bug|402736}} | |||
== Exported APIs == | == Exported APIs == | ||